A fifth of UK firms don't understand GDPR requirements

GDPR (General Data Protection Regulation) is looming, but businesses in the UK are unprepared. They don't know what GDPR is, how it will affect their business, and what they need to do in order to prepare for the upcoming regulation.

Those are the results of a new Europe-wide study by data virtualisation software company Delphix.

According to Delphix, more than a fifth (21 per cent) of UK businesses have 'no understanding' of GDPR. Almost half (42 per cent) have 'looked into some aspects', but not the pseudonymisation tools recommended. A fifth of those studying the tools admitted they are having trouble understanding it.

Unlike the UK, France has a somewhat better understanding of GDPR, the report says. More than a third (38 per cent) claim to fully understand psuedonymisation requirements. Germany stands at 21 per cent. The Germans are also having trouble understanding psuedonymisation requirements (40 per cent).

The biggest benefits of pseudonymisation, for two thirds of companies (67 per cent), is the ability to dodge fines. Another 64 per cent said it will help their brand, while 57 per cent believe it will help them identify, audit and report on data.

“Following the results of the EU referendum, there is confusion about whether the GDPR is still compliant. It’s important to remember the UK’s exit from the EU won’t happen overnight. In the immediate future, the UK will be subject to the same data protection regime as the rest of the EU. In the long-term the UK will still need to prove adequacy and adopt similar data protection standards to continue trading securely within Europe. As a result, organisations need to focus on getting their GDPR preparations underway,” explained Iain Chidgey, VP International at Delphix.

“The GDPR defines pseudonymisation as the process of ensuring data is held in a format that does not directly identify a specific individual without the use of additional information. To address the challenges of a digital age and limit the risk to individuals that have their data breached, the GDPR incentivises organisations to pseudonymise their data at several different points.”